Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Email Security

GreatHorn Expands Email Security Platform

Waltham, MA-based GreatHorn has expanded its machine-learning phishing protection system into a complete email security platform. “This major new expansion of the Company’s flagship solution,” it announced on November 14, “addresses every potential stage of a phishing attack with integrated threat detection, protection, defense, and incident response.”

Waltham, MA-based GreatHorn has expanded its machine-learning phishing protection system into a complete email security platform. “This major new expansion of the Company’s flagship solution,” it announced on November 14, “addresses every potential stage of a phishing attack with integrated threat detection, protection, defense, and incident response.”

“We believe that email is the most critical business communication system in existence, and that requires best-in-class protection,” explains GreatHorn’s CEO and co-founder Kevin O’Brien, “not just a small point solution, plug-in or add-on.”

Four new modules have been added to the existing product: imposter protection (which offers protection against attacks via spoofed and look-alike domains, and business email compromise — BEC  — attacks); link protection (which includes automated URL sandboxing to protect against link-based credential theft); attachment protection (including file isolation for protection against zero-day attacks via attachments); and mailbox protection (providing personalized email protection for users based on their individual communication patterns and relationships).

The mailbox protection module is effectively a new product available as an Outlook or Chrome plug-in. It is available today in beta from GreatHorn; but will soon be on general release via the Microsoft Office Store or the Google Chrome Web Store. Its purpose is to provide the user with the tools and context necessary to make better decisions on how they interact with their email.

O’Brien believes that users are often dismissed as the company’s weakest link without ever being given the information necessary to make intelligent decisions. “The security industry continues to treat users as the ëweakest link’ in their security practices, rather than as intelligent, informed, and vital parts of a true security posture,” he said. 

“Until today, email users have not been provided with meaningful context or the security tools they need to make better risk decisions at the moment that they open and interact with their messages. With GreatHorn Mailbox Protection, however, relationship and risk data will be immediately and easily accessible to the user without needing technical training or having to navigate to another system. GreatHorn Mailbox Protection empowers end users to take action from the front lines, further reducing their organizations’ susceptibility to today’s advanced email attacks.”

Information provided to the email user includes the strength of their relationship (and that of their organization) with the sender; the data of their most recent outbound communication with the sender, the likelihood that the email comes from the purported domain; and the relative risk of any embedded links within the email.

Advertisement. Scroll to continue reading.

The user is then able to make an intelligent decision — to accept the email at face value, to mark it as phishing and quarantine it, or as spam and delete it, or to add the sender to a personal block list to reduce unwanted email.

The platform isn’t simply based on the addition of the new modules — the existing product has also been enhanced. “As part of the expansion,” GreatHorn told SecurityWeek, “we have made substantial updates to other parts of the platform, specifically Adaptive Threat Detection, Automated Threat Defense, and Post-Delivery Incident Response, which run across the platform regardless of the type of attack.”

The threat detection algorithms have been improved in their ability to calculate relationship strength and communication patterns, and the organizational and technical fingerprinting is enhanced to detect more nuanced anomalies such as domain authentication drift.

Threat detection is improved with URL rewriting and sandboxing, and analysis at both ingest and time of click — with greater administrative control over user interaction with suspicious links. Threat-specific context and warnings with configurable banners have been added.

The new platform is well-received by GreatHorn customers. “As the nation’s largest financial life management firm, United Capital Partners is a constant target for cybercriminals looking to gain financial advantage,” commented Brandon Gage, senior vice president of technology at United Capital Partners. “Imposter Protection from phishing and other fraudulent cyber-attacks, in particular, has been a critical focus for our GreatHorn implementation. We’re pleased with the decreased risk profile we’ve achieved through our collaboration with GreatHorn and have already seen additional value with the solution’s improved spoofing detection.”

GreatHorn, founded in 2015 by Kevin O’Brien and Raymond Wallace, raised $6.3 million Series A funding led by TechStars Venture Capital Fund and .406 Ventures in June 1027.

Related: State of Email Security: What Can Stop Email Threats? 

Related: DMARC Use is Growing, But Difficult to Configure Correctly and Completely 

Related: The Disconnect Between Understanding Email Threats and Preventing Them 

Related: Email Impersonation Attacks Increase by 80% 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Application Security

After skipping last month, Adobe returned to its scheduled Patch Tuesday cadence with the release of fixes for at least 38 vulnerabilities in multiple...